Пример #1
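 /**
  * Authenticate the current REST API request from its Authorization header.
  *
  * The header value is split on spaces and the second token is decoded as
  * base64("username:api_key"); the scheme token itself is not checked. The
  * key must match an active erLhAbstractModelRestAPIKey record whose user
  * has exactly the supplied username. On success the record is stored in
  * self::$apiKey, and when the request carries an `update_activity` query
  * parameter the user's last_activity in lh_userdep is set to the current time.
  *
  * All credential failures raise the same message, so the response does not
  * reveal whether the username or the key was wrong.
  *
  * @throws Exception When the header is missing or the credentials are rejected.
  */
 public static function validateRequest()
 {
     $headers = self::getHeaders();

     if (!isset($headers['Authorization'])) {
         throw new Exception(erTranslationClassLhTranslation::getInstance()->getTranslation('lhrestapi/validation', 'Authorization header is missing!'));
     }

     $dataAuthorisation = explode(' ', $headers['Authorization']);

     // A header with no credentials token used to be read at an undefined offset;
     // reject it explicitly instead.
     if (!isset($dataAuthorisation[1])) {
         throw new Exception(erTranslationClassLhTranslation::getInstance()->getTranslation('lhrestapi/validation', 'Authorization failed!'));
     }

     // Strict mode refuses input with characters outside the base64 alphabet
     // instead of silently dropping them before decoding.
     $decoded = base64_decode($dataAuthorisation[1], true);
     $apiData = $decoded === false ? array() : explode(':', $decoded);

     if (count($apiData) != 2) {
         throw new Exception(erTranslationClassLhTranslation::getInstance()->getTranslation('lhrestapi/validation', 'Authorization failed!'));
     }

     $apiKey = erLhAbstractModelRestAPIKey::findOne(array('enable_sql_cache' => true, 'filter' => array('active' => 1, 'api_key' => $apiData[1])));

     if (!$apiKey instanceof erLhAbstractModelRestAPIKey) {
         throw new Exception(erTranslationClassLhTranslation::getInstance()->getTranslation('lhrestapi/validation', 'Authorization failed!'));
     }

     // Strict string comparison: loose != compares numeric-looking strings as
     // numbers, so "007" would have been accepted for a user named "7".
     if ((string) $apiKey->user->username !== (string) $apiData[0]) {
         throw new Exception(erTranslationClassLhTranslation::getInstance()->getTranslation('lhrestapi/validation', 'Authorization failed!'));
     }

     // API Key
     self::$apiKey = $apiKey;

     // Optional side effect requested by the client: mark the operator as active now.
     if (isset($_GET['update_activity'])) {
         $db = ezcDbInstance::get();
         $stmt = $db->prepare('UPDATE lh_userdep SET last_activity = :last_activity WHERE user_id = :user_id');
         $stmt->bindValue(':last_activity', time(), PDO::PARAM_INT);
         $stmt->bindValue(':user_id', self::$apiKey->user->id, PDO::PARAM_INT);
         $stmt->execute();
     }
 }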
Пример #2
    // dummy email value to ensure 0 res
    $param = $email != '' ? array('email' => $email) : $param;
    // init user
    $user = $user_id > 0 ? erLhcoreClassModelUser::fetch($user_id) : erLhcoreClassModelUser::findOne(array('filter' => $param));
    // check we have data
    if (!$user instanceof erLhcoreClassModelUser) {
        throw new Exception('User could not be found!');
    }
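    // check if password is given, if so, validate password
    if ($password != '') {
        // A 40-character stored value is treated as the legacy salted SHA-1
        // digest; anything else is handed to password_verify().
        if (strlen($user->password) == 40) {
            // get password hash
            $cfgSite = erConfigClassLhConfig::getInstance();
            $secretHash = $cfgSite->getSetting('site', 'secrethash');
            $pass_hash = sha1($password . $secretHash . sha1($password));
            // hash_equals() compares the digests as byte strings in constant time.
            // Loose == treats two "0e<digits>" hex digests as equal numbers, which
            // would accept a wrong password for such a stored hash.
            $verified = hash_equals((string) $user->password, $pass_hash) ? 1 : 0;
        } else {
            $verified = password_verify($password, $user->password) ? 1 : 0;
        }
        // set new property to user object
        $user->pass_verified = $verified;
    }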
    // end of if($password != '')
    // loose password
    unset($user->password);
    erLhcoreClassRestAPIHandler::outputResponse(array('error' => false, 'result' => $user));
} catch (Exception $e) {
    echo json_encode(array('error' => true, 'result' => $e->getMessage()));
}
exit;
Пример #3
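header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
header('Content-Type: application/json');

// REST endpoint: switch an operator's hide_online flag.
// The operator is looked up by user_id, username or email (first one present wins);
// status=true shows the operator as online, any other or missing value hides them.
try {
    erLhcoreClassRestAPIHandler::validateRequest();

    // NOTE(review): the target operator comes from request parameters and nothing
    // in this script ties it to the API key's own user — confirm the route is
    // limited to keys that are allowed to manage other operators.

    // Start from null so a request without any lookup key reaches the
    // "not found" branch instead of reading an undefined variable.
    $userData = null;

    if (isset($_GET['user_id']) && is_numeric($_GET['user_id'])) {
        $userData = erLhcoreClassModelUser::fetch((int) $_GET['user_id']);
    } elseif (isset($_GET['username']) && is_string($_GET['username']) && $_GET['username'] !== '' && $_GET['username'] !== '0') {
        // Only plain string values are used as a filter; array-valued parameters are ignored.
        $userData = erLhcoreClassModelUser::findOne(array('filter' => array('username' => $_GET['username'])));
    } elseif (isset($_GET['email']) && is_string($_GET['email']) && $_GET['email'] !== '' && $_GET['email'] !== '0') {
        $userData = erLhcoreClassModelUser::findOne(array('filter' => array('email' => $_GET['email'])));
    }

    if (!$userData instanceof erLhcoreClassModelUser) {
        throw new Exception('User could not be found!');
    }

    // A missing status parameter keeps the original outcome (operator hidden)
    // without reading an undefined index.
    $status = isset($_GET['status']) ? $_GET['status'] : null;

    if ($status === 'true') {
        $userData->hide_online = 0;
        $text = 'flash_on';
    } else {
        $text = 'flash_off';
        $userData->hide_online = 1;
    }

    // $text is one of the two literals above, never request data.
    $userData->operation_admin .= "\$('#online-offline-user').text('" . $text . "');";
    erLhcoreClassUser::getSession()->update($userData);
    erLhcoreClassUserDep::setHideOnlineStatus($userData);
    erLhcoreClassRestAPIHandler::outputResponse(array('offline' => $userData->hide_online));
    erLhcoreClassChatEventDispatcher::getInstance()->dispatch('chat.operator_status_changed', array('user' => &$userData, 'reason' => 'rest_api'));
} catch (Exception $e) {
    // The message of any Exception, including ones not raised in this script,
    // is returned to the client verbatim.
    echo json_encode(array('error' => true, 'result' => $e->getMessage()));
}
exit;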
Пример #4
<?php

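header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
header('Content-Type: application/json');

// REST endpoint: return one chat, selected by the chat_id query parameter,
// after the request is authenticated and read access to that chat is confirmed.
try {
    erLhcoreClassRestAPIHandler::validateRequest();

    // A missing chat_id becomes 0, as the (int) cast did before, but without
    // an undefined-index notice leaking into the JSON body.
    $chatId = isset($_GET['chat_id']) ? (int) $_GET['chat_id'] : 0;
    $chat = erLhcoreClassModelChat::fetch($chatId);

    if (!erLhcoreClassRestAPIHandler::hasAccessToRead($chat)) {
        throw new Exception(erTranslationClassLhTranslation::getInstance()->getTranslation('lhrestapi/validation', 'You do not have permission to read this chat!'));
    }

    // Return the very object that passed the access check instead of fetching
    // the chat a second time.
    erLhcoreClassRestAPIHandler::outputResponse(array('error' => false, 'chat' => $chat));
} catch (Exception $e) {
    // Any Exception message is sent to the client as-is.
    echo json_encode(array('error' => true, 'result' => $e->getMessage()));
}
exit;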
Пример #5
<?php

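header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
header('Content-Type: application/json');

// REST endpoint: return the pending messages of one chat, optionally only those
// after last_message_id, once the caller's read access to the chat is confirmed.
try {
    erLhcoreClassRestAPIHandler::validateRequest();

    // Missing parameters fall back to 0 (the value the bare casts produced)
    // without emitting undefined-index notices into the JSON response.
    $chatId = isset($_GET['chat_id']) ? (int) $_GET['chat_id'] : 0;
    $lastMessageId = isset($_GET['last_message_id']) ? (int) $_GET['last_message_id'] : 0;

    $chat = erLhcoreClassModelChat::fetch($chatId);

    if (!erLhcoreClassRestAPIHandler::hasAccessToRead($chat)) {
        throw new Exception(erTranslationClassLhTranslation::getInstance()->getTranslation('lhrestapi/validation', 'You do not have permission to read this chat!'));
    }

    // Messages are read through the id of the chat that passed the access check.
    erLhcoreClassRestAPIHandler::outputResponse(array('error' => false, 'messages' => erLhcoreClassChat::getPendingMessages($chat->id, $lastMessageId)));
} catch (Exception $e) {
    // Any Exception message is sent to the client as-is.
    echo json_encode(array('error' => true, 'result' => $e->getMessage()));
}
exit;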
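header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
header('Content-Type: application/json');

// REST endpoint: switch an operator's invisible_mode flag.
// The operator is looked up by user_id, username or email (first one present wins);
// status=false makes the operator visible, any other or missing value makes them invisible.
try {
    erLhcoreClassRestAPIHandler::validateRequest();

    // NOTE(review): the operator being changed is selected by request parameters,
    // and this script does not compare it with the authenticated API key's user —
    // confirm that access to this route is restricted accordingly.

    // Defined up front so the instanceof check below never reads an unset variable.
    $userData = null;

    if (isset($_GET['user_id']) && is_numeric($_GET['user_id'])) {
        $userData = erLhcoreClassModelUser::fetch((int) $_GET['user_id']);
    } elseif (isset($_GET['username']) && is_string($_GET['username']) && $_GET['username'] !== '' && $_GET['username'] !== '0') {
        // Array-valued parameters are not passed on as a filter value.
        $userData = erLhcoreClassModelUser::findOne(array('filter' => array('username' => $_GET['username'])));
    } elseif (isset($_GET['email']) && is_string($_GET['email']) && $_GET['email'] !== '' && $_GET['email'] !== '0') {
        $userData = erLhcoreClassModelUser::findOne(array('filter' => array('email' => $_GET['email'])));
    }

    if (!$userData instanceof erLhcoreClassModelUser) {
        throw new Exception('User could not be found!');
    }

    // Absent status keeps the previous result (invisible) without an
    // undefined-index notice.
    $status = isset($_GET['status']) ? $_GET['status'] : null;

    if ($status === 'false') {
        $userData->invisible_mode = 0;
        $text = 'visibility_on';
    } else {
        $text = 'visibility_off';
        $userData->invisible_mode = 1;
    }

    // $text is always one of the two fixed literals set above.
    $userData->operation_admin .= "\$('#vi-in-user').text('" . $text . "');";
    erLhcoreClassUser::getSession()->update($userData);
    erLhcoreClassRestAPIHandler::outputResponse(array('invisible' => $userData->invisible_mode));
    erLhcoreClassChatEventDispatcher::getInstance()->dispatch('chat.operator_visibility_changed', array('user' => &$userData, 'reason' => 'rest_api'));
} catch (Exception $e) {
    // The message of any Exception is returned to the client verbatim.
    echo json_encode(array('error' => true, 'result' => $e->getMessage()));
}
exit;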
Пример #7
<?php

// Reports whether the department given in the route parameters is online.
// This script does not call validateRequest(); as far as this file shows, the
// answer is produced without API-key authentication.
header('content-type: application/json; charset=utf-8');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');

$departmentId = (int) $Params['user_parameters']['department_id'];

// The online timeout is read from the stored sync_sound_settings configuration.
$soundSettings = erLhcoreClassModelChatConfig::fetch('sync_sound_settings');
$onlineTimeout = (int) $soundSettings->data['online_timeout'];

$isOnline = erLhcoreClassChat::isOnline($departmentId, true, array('online_timeout' => $onlineTimeout));

erLhcoreClassRestAPIHandler::outputResponse(array('isonline' => $isOnline));
exit;
Пример #8
<?php

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
header('Content-Type: application/json');

// Authenticated REST endpoint: outputs whatever validateDepartaments() returns.
try {
    erLhcoreClassRestAPIHandler::validateRequest();

    $departments = erLhcoreClassRestAPIHandler::validateDepartaments();
    erLhcoreClassRestAPIHandler::outputResponse($departments);
} catch (Exception $e) {
    // Authentication and handler failures share one JSON error shape; the
    // exception message is passed through to the client unchanged.
    $failure = array('error' => true, 'result' => $e->getMessage());
    echo json_encode($failure);
}
exit;
Пример #9
<?php

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
header('Content-Type: application/json');

// Authenticated REST endpoint: outputs whatever validateChatList() returns.
try {
    erLhcoreClassRestAPIHandler::validateRequest();

    $chatList = erLhcoreClassRestAPIHandler::validateChatList();
    erLhcoreClassRestAPIHandler::outputResponse($chatList);
} catch (Exception $e) {
    // Same JSON error shape for every failure; the exception message goes to
    // the client unchanged.
    $failure = array('error' => true, 'result' => $e->getMessage());
    echo json_encode($failure);
}
exit;
Пример #10
<?php

// Reports the online state returned by isOnline(false, false, ...), i.e. with no
// department id passed. This script does not call validateRequest(); as far as
// this file shows, the answer is produced without API-key authentication.
header('content-type: application/json; charset=utf-8');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');

// The online timeout is read from the stored sync_sound_settings configuration.
$soundSettings = erLhcoreClassModelChatConfig::fetch('sync_sound_settings');
$onlineTimeout = (int) $soundSettings->data['online_timeout'];

$isOnline = erLhcoreClassChat::isOnline(false, false, array('online_timeout' => $onlineTimeout));

erLhcoreClassRestAPIHandler::outputResponse(array('isonline' => $isOnline));
exit;